package com.coolbi.security.web.oauth;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.dao.DataAccessException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

import com.coolbi.security.biz.RoleToGroupBiz;
import com.coolbi.security.biz.UserBiz;
import com.coolbi.security.biz.UserToGroupBiz;
import com.coolbi.security.entity.Roles;
import com.coolbi.security.entity.UserGroup;

/**
 * @Description 为Spring Security提供一个经过用户认证后的UserDetails
 * @author for2cold
 * 
 */
public class MyUserDetailsService implements UserDetailsService {

	@Autowired
	private UserBiz userBiz;
	public void setUserBiz(UserBiz userBiz) {
		this.userBiz = userBiz;
	}
	
	@Autowired
	private UserToGroupBiz userToGroupBiz;
	public void setUserToGroupBiz(UserToGroupBiz userToGroupBiz) {
		this.userToGroupBiz = userToGroupBiz;
	}
	
	@Autowired
	private RoleToGroupBiz roleToGroupBiz;
	public void setRoleToGroupBiz(RoleToGroupBiz roleToGroupBiz) {
		this.roleToGroupBiz = roleToGroupBiz;
	}

	/** 返回一个包括用户名、密码、权限、是否可用、是否过期等信息的UserDetails */
	@Override
	public UserDetails loadUserByUsername(String username)
			throws UsernameNotFoundException, DataAccessException {
		Collection<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
		com.coolbi.security.entity.User user = userBiz
				.findUserByUsername(username);
		if (null == user) {
			throw new UsernameNotFoundException(username);
		}
		String password = user.getPassword();
		List<Roles> roles = obtainRolesByUserId(user);
		for (Roles role : roles) {
			GrantedAuthorityImpl grantedAuthorityImpl = new GrantedAuthorityImpl(
					role.getAuthority());
			auths.add(grantedAuthorityImpl);
		}
		User userDetails = new User(username, password, user.isEnable(), true, true, !user.isLock(),
				auths);
		return userDetails;
	}
	
	/**获取User、用户组所属角色*/
	private List<Roles> obtainRolesByUserId(com.coolbi.security.entity.User user) {
		List<Roles> roles = user.getRolesList();
		List<UserGroup> userGroupList = userToGroupBiz.findGroupByUserId(user.getId());
		List<Roles> roleList = null;
		if (null != userGroupList) {
			for (UserGroup userGroup : userGroupList) {
				roleList = roleToGroupBiz.findRoleByGroupId(userGroup.getId());
				if (null != roleList) {
					roleList.addAll(roleToGroupBiz.findParentRoleByGroupId(userGroup.getId()));
				}
			}
		}
		if (null != roleList) {
			roles.addAll(roleList);
			/**剔除List中的重复项*/
			Iterator<Roles> it = roles.iterator();
			if (roles != null && roles.size() != 0) {
				HashMap<Long, Roles> map = new HashMap<Long, Roles>();
				while (it.hasNext()) {
					Roles role = (Roles) it.next();
					Roles roleMap = (Roles) map.get(role.getId());
					if (roleMap == null) {
						map.put(role.getId(), role);
					} else {
						it.remove();
					}
				}
			}
		}
		return roles;
	}
}
